Sending spam with malicious attachments is a reasonably popular way of spreading malware and infecting users’ devices on the Internet. According to data from various antivirus companies, the proportion of emails with malicious attachments ranges from 3 to 5 percent of total spam traffic, which means that at least every thirtieth email in the spam mailing stream contains a nasty surprise.
However, this doesn’t mean that the virus will automatically enter your system when you open the email. It doesn’t work that way. For malware to intrude into your system, you first need to download it. Attackers use social engineering (phishing) to get you to do this via email.
So let’s figure out how it works and how not to fall for the hackers’ tricks.
What are the main goals of malware spread via email?
Many of us sometimes get strange letters with screaming titles like “You won a million,” “You’re entitled to a government payout,” “Urgent for execution,” “You’ve received a money transfer,” and others. If you don’t remember anything like that, just open Spam in your email client.
Nowadays such emails usually go to the Spam folder, but spam programs are improving, and some emails still leak through filters. Therefore, every Internet user is a target for malicious activity.
And if you think that you have no secrets and that malware on your device will be “boring,” you are sorely mistaken. Even if there is no valuable information on your device, it will be great for other tasks, such as mining or botnet activity.
Of course, the primary purpose of the hacker is to infect your device with a virus (if successful, encrypting files) to subsequently get a reward from you for unlocking it. However, the hacker’s income from infecting home devices is relatively small, so the main target of attackers is the corporate sector.
For this reason, to prevent unexpected financial and reputational losses, every company should constantly train its employees in safe working with email and have a full-time information and cybersecurity specialist.
What kind of malware is spread via email?
It is common to describe malicious computer programs as viruses in everyday language. However, it is incorrect to use this term because the virus is only one malware type.
According to the spread type, let’s note the following main groups.
Viruses
A virus is defined as malicious code that infects other files (similar to real viruses, which infect biological cells to reproduce themselves). By the way, such malware can also come from another person if their device is infected.
A virus can be used to access a computer in the background, steal a password, or cause a hang-up (various processes fill RAM and load the CPU).
Worms
The behavior of the worm resembles that of a virus. The only difference is in the way it spreads. Whereas a virus can only infiltrate the computer where a person runs an infected program, a worm spreads on its own via computer networks (local and Internet).
The danger of a worm is that it can create and send emails with its copy and thus reach a large number of computers very quickly. It is a very dangerous type of malware, especially when combined with other types.
Thus, its famous representatives are WannaCry and Petya, which, when infecting a device, could encrypt all the files and extort money from the victim to restore access to them.
Trojan software
Trojans are malware that mimics safe software.
For example, you receive an email with a quite ordinary-looking utility for a free review. “This program will increase the performance of your PC by 2 times”, – the description says. Its installation, in general, is also like a normal software product.
However, it contains a hidden malicious component, and once installed or run, this trojan will start to function in the background, together with the original utility. Thus, trojan developers can gain access to the victim’s computer.
How to protect email from phishing and malware
File attachments and links in emails can be dangerous. Follow these guidelines to stay safe.
Use antivirus software
Antivirus software is an essential layer of protection. It can help protect you from software bugs and errors that allow malware to run without your permission. Some antiviruses are also designed to protect your email.
Update your email client, web browser, and OS
Software updates are essential because bad guys regularly find holes and try to exploit them. Software updates plug these holes and protect you. You may be compromised if you use an outdated browser and email client.
Don’t run any dangerous apps
If you receive a PDF file from someone, it’s probably safe to open it (but it’s still not recommended). However, if you suddenly get an email with a .exe file or another potentially dangerous file type that you’re not expecting – even if it’s from someone you know, you probably shouldn’t run the attachment. Be extremely careful with email attachments – they’re still a common source of infection.
Be careful with links
If a link looks like it leads to a website that hosts malware and scams, you shouldn’t click it. If you have already done this, don’t download or run potentially dangerous files. You should also watch out for phishing – if you click a link in an email that appears to be from your bank and goes to a similar website, it may not be your bank’s website but a clever imposter.
What does phishing mean in cybersecurity?
Phishing is a way to get a person to share confidential information, such as a password or credit card number. Just as general fishermen use various fishing methods, phishing scammers use several methods to “hook” their victims. But one of their tactics is the most common.
The victim receives an email or text message from a sender impersonating a person or organization that the victim trusts, such as a co-worker, bank employee, or government official. When the unsuspecting recipient opens the email or text message, they discover a frightening text designed to suppress common sense and instill fear. The text requires the victim to go to a website and take action immediately to avoid danger or serious consequences.
If the user takes the “bait” and clicks on the link, it takes him to a website that mimics a legitimate online resource. The website asks users to “log in” using their account name and password. If the user is gullible enough to agree, the data entered goes directly to attackers, who then use it to steal confidential information or money from bank accounts. They can also sell personal data on the black market.
